Help shape how healthcare uses AI and cloud technology while keeping sensitive data locked down and compliant. This fully remote Compliance Specialist role lets you own FedRAMP and HITRUST programs that truly matter in the real world, not just on paper.
About Jorie AI
Jorie AI transforms healthcare operations through intelligent automation, secure cloud solutions, and data-driven insights. The company helps healthcare organizations streamline workflows, reduce manual work, and protect sensitive patient information. Jorie AI stands out by combining cutting-edge AI with a strong commitment to security, privacy, and regulatory compliance.
Schedule
- Full-time, remote position based out of Oak Brook, Illinois.
- Standard Monday–Friday schedule aligned with US business hours.
- Collaboration with IT, security, DevOps, and audit teams across time zones.
What You’ll Do
- Support the implementation and ongoing maintenance of Jorie’s FedRAMP authorization program in line with agency and customer requirements.
- Develop and maintain FedRAMP documentation, including System Security Plans (SSPs), POA&Ms, and other supporting artifacts.
- Partner with internal IT and cloud engineering teams to ensure continuous compliance for systems hosted in AWS, Azure, or other cloud service providers.
- Coordinate with 3PAOs and government stakeholders during audits, assessments, and authorization activities.
- Align FedRAMP Moderate/High, HITRUST CSF, and NIST 800-53 controls across multiple frameworks and regulatory programs.
- Maintain evidence, control mappings, and compliance matrices for HITRUST, SOC 2, HIPAA, PCI, and related standards.
- Participate in HITRUST recertification cycles, including control review, policy updates, and evidence validation.
- Collaborate with internal and external auditors to ensure accurate reporting and visibility into Jorie’s compliance posture.
- Assist with continuous monitoring of security controls and remediation of POA&M findings.
- Conduct risk assessments for cloud systems, vendors, and integrations that impact the FedRAMP boundary.
- Coordinate vulnerability scans, incident response activities, and configuration management documentation to meet FedRAMP and HITRUST expectations.
- Develop, update, and enforce policies tied to data security, cloud compliance, and regulatory reporting.
- Provide guidance and training to engineering, DevOps, and IT teams working in the FedRAMP/HITRUST environments.
- Support internal readiness reviews, gap assessments, and long-term compliance roadmap initiatives.
What You Need
- Bachelor’s degree in Information Security, Computer Science, Compliance, or a related field.
- 3–6 years of experience in compliance, information security, or risk management.
- At least 2 years of direct experience supporting FedRAMP programs or similar government compliance frameworks.
- Hands-on experience with HITRUST CSF processes, including evidence collection and auditor coordination.
- Background working in cloud environments such as AWS, Azure, or GCP, with familiarity using continuous monitoring tools (for example Splunk, Qualys, Nessus).
- Experience in healthcare, AI, or SaaS environments strongly preferred.
- Strong understanding of NIST 800-53, FedRAMP Moderate/High baselines, HITRUST CSF, and related control mapping.
- Solid working knowledge of HIPAA, SOC 2, and ISO 27001.
- Excellent documentation and writing skills, especially for formal compliance deliverables like SSPs, POA&Ms, and risk assessments.
- Strong analytical, organizational, and communication skills, with the ability to work across technical and non-technical teams.
- HITRUST Certified CSF Practitioner (CCSFP) required.
- One or more of the following is preferred: CISA, CRISC, CISSP, FedRAMP (3PAO) assessor experience, Security+, or CCSP.
Benefits
- Competitive salary in the range of $120,000 to $150,000, based on experience and qualifications.
- Fully remote role with the backing of a growing, tech-forward healthcare company.
- Chance to own and shape FedRAMP and HITRUST programs at scale in a highly visible position.
- Daily impact at the intersection of AI, cloud security, and healthcare innovation.
If you’re serious about FedRAMP, HITRUST, and building real-world security programs, don’t sit on this one.
Take the next step in your compliance career and throw your hat in the ring.
Happy Hunting,
~Two Chicks…